Solved

Mail sent from non users received by users on same domain exchange 2003

Posted on 2011-09-16
10
257 Views
Last Modified: 2012-05-12
I'm receiving alot of spam from non users on my domain addressed to valid users.

I'm running exchange 2003 with the latest service pack along with mail essentials from gfi.

Other spam is being blocked properly.

Any idea's why this is happening?

Thanks
0
Comment
Question by:john_991
10 Comments
 
LVL 2

Expert Comment

by:Mike
ID: 36549861
Just to clarify. Are you receiving mail from your own domain with fake user names?
0
 

Author Comment

by:john_991
ID: 36549909
Yes, sent by fake users with the same domain name addressed to users who are on the domain.

i.e. Sent from abc@ere.com who is not on the domain addressed to xyz@ere.com who is on the domain.
0
 
LVL 13

Expert Comment

by:Govvy
ID: 36550057
This will be spoofing performed by spambots external to your organisation marking the sender field with your smtp address. It is likely that your spam filtering solution has an exception for your domain name which you should remove to address this issue
0
 
LVL 2

Expert Comment

by:Mike
ID: 36550113
Your being spoofed. You should contact you ISP about adding an SPF record to your DNS entries.
0
 
LVL 2

Expert Comment

by:Mike
ID: 36550123
This will be helpfull in the process. Most ISPs will require you to submit the what you what the DNS entry to be.

http://www.openspf.org/
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 2

Expert Comment

by:Mike
ID: 36550240
Just a heads up. If you are being spoofed it is possible other people than the people in your domain may be receiving these spoofed e-mails as well.
0
 

Author Comment

by:john_991
ID: 36551211
I have this already in my dns server (spf record)

ere.com. 60 IN TXT "v=spf1 a ~all"

any other idea's?
0
 
LVL 2

Expert Comment

by:Mike
ID: 36551255
To clarify: In "your" DNS server? Do you mean in your internal DNS (.local, etc) or public (.com, etc).

Also, Check out one of the e-mails headers to see where it actually came from. It is possible that you have a client with a spam-bot doing this.



0
 

Author Comment

by:john_991
ID: 36551294
It's in the external dns server. (my hosting company's dns server)

Will look at the header soon.
0
 
LVL 37

Accepted Solution

by:
Jamie McKillop earned 500 total points
ID: 36551648
Hello,

The SPF records are not going to help unless you have a mail gateway product that implements them. Exchange 2003 doesn't have built-in support. I'm not sure if Mail Essentials uses them. Most mail gateway products have an option to turn on anti-spoofing. This will prevent servers that are not specifically listed as internal from sending mail into your organization using one of your domains. Check the documention or ask GFI support if Mail Essentials has this feature.

JJ
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now